One 、 Concept and abstract

HTTPS (Secure Hypertext Transfer Protocol) Secure hypertext transfer protocol , It's a secure communication channel , It's based on HTTP Developed to exchange information between client computers and servers . It uses the secure sockets layer (SSL) Exchange of information , In short, it's HTTP Security version , It's using TLS/SSL Encrypted HTTP agreement .

HTTP The protocol uses clear text to transmit information , There's information eavesdropping 、 The risk of information tampering and information hijacking , And the agreement TLS/SSL With authentication 、 Information encryption and integrity verification functions , This kind of problem can be avoided .

TLS/SSL Security transport layer protocol Transport Layer Security, Is between TCP and HTTP A layer of security agreement between , Does not affect the original TCP The protocol and HTTP agreement , So use HTTPS Basically, you don't need to be right HTTP Too many changes to the page .

Two 、HTTPS and HTTP The difference between

What is? HTTPS

HTTPS Is in HTTP On the establishment of SSL Encryption layer , And encrypt the transmitted data , yes HTTP Secure version of the protocol .HTTPS The main functions are :

(1) Encrypt data , And establish an information security channel , To ensure data security during transmission ;

(2) Real identity authentication of website server .

What is? HTTP

HTTP It is the most widely used network protocol on the Internet , Is a client and server-side request and response standard (TCP), For from WWW Server transport hypertext to local browser transport protocol .HTTP It's data transmission in plaintext , It is very easy to be stolen and tampered by criminals .

HTTPS and HTTP What's the difference

1、HTTPS It's encrypted transport protocol ,HTTP It's the name transfer protocol ;

2、 HTTPS Standard port 443,HTTP Standard port 80;

3、 HTTPS Based on the transport layer ,HTTP Based on the application layer ;

The differences at the protocol level are shown below :

3、 ... and 、TLS/SSL working principle

HTTPS The main functions of the protocol basically depend on TLS/SSL agreement ,TLS/SSL The implementation of the function mainly depends on three kinds of basic algorithms : Hash function Hash、 Symmetric and asymmetric encryption , It uses asymmetric encryption to realize identity authentication and key agreement , The symmetric encryption algorithm encrypts data with a negotiated key , Verify the integrity of information based on hash function .

Hash function Hash

Common are MD5、SHA1、SHA256, This kind of function is characterized by one-way irreversibility 、 Very sensitive to input 、 Fixed output length , Any modification to the data will change the result of the hash function , Used to prevent information tampering and verify the integrity of data ;

In the process of information transmission , Hash function can't realize information tamper proof alone , Because plaintext transmission , The middleman can modify the information and recalculate the summary of the information , Therefore, it is necessary to encrypt the transmitted information and information digest ;

Symmetric encryption

Common are AES-CBC、DES、3DES、AES-GCM etc. , The same key can be used to encrypt and decrypt information , Only by holding the key can we get the information , Can prevent information eavesdropping , The mode of communication is 1 Yes 1;

The advantage of symmetric encryption is information transmission 1 Yes 1, Need to share the same password , Password security is the foundation of information security , The server and N Client communication , It needs to be maintained N A password record , And there is no mechanism to change the password ;

Asymmetric encryption

That is common RSA Algorithm , It also includes ECC、DH And so on , The characteristic of the algorithm is , Key pairs appear , It's commonly called the public key ( Open ) And a private key ( A secret ), The information encrypted by public key can only be decrypted by private key , The information encrypted by private key can only be decrypted by public key . Therefore, different clients with public key cannot decrypt information from each other , Encrypted communication can only be made with the server holding the private key , The server can implement 1 Communication to many , The client can also be used to verify the identity of the server holding the private key .

Asymmetric encryption is characterized by information transmission 1 For more than , The server only needs to maintain a private key to be able to communicate encrypted with multiple clients , But the information sent by the server can be decrypted by all clients , And the calculation of the algorithm is complex , Encryption speed is slow .

Combined with the characteristics of three kinds of algorithms ,TLS The basic way of working is , The client communicates with the server using asymmetric encryption , Implements authentication and negotiates the key used for symmetric encryption , Then the symmetric encryption algorithm uses the negotiation key to encrypt the information and the information digest , Different nodes use different symmetric keys , So that information can only be obtained by both sides of communication .

Four 、TLS/SSL Handshake process

Handshake and key agreement process

The figure below shows ---- be based on RSA Handshake and key exchange client authentication server for example TLS/SSL Handshake process .

(1).client_hello

Client initiates request , Transfer request information in clear text , Contains version information , List of encryption suite candidates , Compression algorithm candidate list , random number , Expand fields and other information , The relevant information is as follows :

Highest support TSL Protocol version version, From low to high SSLv2 SSLv3 TLSv1 TLSv1.1 TLSv1.2, Currently, it is no longer used below TLSv1 Version of ;

Encryption suite supported by client cipher suites list , Each encryption suite corresponds to the front TLS The combination of the four functions in the principle : Authentication algorithm Au ( Authentication )、 Key exchange algorithm KeyExchange( Key agreement )、 Symmetric encryption algorithm Enc ( Information encryption ) And summary of information Mac( Integrity check );

Supported compression algorithms compression methods list , For subsequent information compression transmission ;

random number random_C, For subsequent key generation ;

Extension field extensions, Support protocol and algorithm related parameters and other auxiliary information , common SNI It belongs to the extended field , The function of this field will be discussed separately later .

(2).server_hello+server_certificate+sever_hello_done

(a) server_hello, The server returns the negotiation result , Including the protocol version you choose to use version, Selected encryption suite cipher suite, Selected compression algorithm compression method、 random number random_S etc. , The random number is used in the subsequent key agreement ;

(b)server_certificates, The server side configures the corresponding certificate chain , For authentication and key exchange ;

(c) server_hello_done, Notify the client server_hello End of message sending ;

(3). Certificate verification

The client verifies the validity of the certificate , If the verification is passed, the subsequent communication will be carried out , Otherwise, it will prompt and operate according to the error situation , Validation includes the following :

The credibility of the certificate chain trusted certificate path, The method is as described above ;

Whether the certificate is revoked revocation, There are two ways to go offline CRL And online OCSP, Different clients behave differently ;

The period of validity expiry date, Whether the certificate is in the valid time range ;

domain name domain, Verify that the certificate domain name matches the current access domain name , Follow up analysis of matching rules ;

(4).client_key_exchange+change_cipher_spec+encrypted_handshake_message

(a) client_key_exchange, After the validation of validity , Client computing produces random numbers Pre-master, And encrypt with certificate public key , Send to the server ;

(b) At this time, the client has obtained all the information needed to calculate the negotiation key : Two plaintext random numbers random_C and random_S With the self calculation Pre-master, The negotiation key is calculated ;

enc_key=Fuc(random_C, random_S, Pre-Master)

(c) change_cipher_spec, The client notifies the server that the subsequent communication uses the negotiated communication key and encryption algorithm to encrypt communication ;

(d) encrypted_handshake_message, Combining all previous communication parameters hash Value and other relevant information to generate a piece of data , Using a negotiated key session secret Encryption with algorithm , It is then sent to the server for data and handshake verification ;

(5).change_cipher_spec+encrypted_handshake_message

(a) The server decrypts the encrypted with the private key Pre-master data , Based on the two plaintext random numbers previously exchanged random_C and random_S, The negotiation key is calculated :enc_key=Fuc(random_C, random_S, Pre-Master);

(b) Calculate all received messages before hash value , Then decrypt the client sent encrypted_handshake_message, Verify data and key correctness ;

(c) change_cipher_spec, After passing the verification , The server also sends change_cipher_spec To inform the client that the subsequent communication uses the key and algorithm to encrypt communication ;

(d) encrypted_handshake_message, The server also generates a piece of data by combining all the current communication parameter information and adopts the negotiated key session secret Encrypt with algorithm and send to client ;

(6). End of handshake

The client computes all received messages hash value , And decrypt with the negotiated key encrypted_handshake_message, Verify the data and key sent by the server , If the verification passes, the handshake is completed ;

(7). Encrypted communication

Start to use the negotiated key to encrypt communication with the algorithm .

Be careful :

(a) The server can also ask to authenticate the client , Two way authentication , It can be done in the process 2 To send client_certificate_request Information , The client is in the process 4 Send first client_certificate And certificate_verify_message Information , The authentication of certificates is basically the same ,certificate_verify_message Is to use client The private key of the encryption section is based on the communication information that has been negotiated to get the data , The server can decrypt and verify with the corresponding public key ;

(b) Depending on the key exchange algorithm used , Such as  ECC  etc. , The details of the negotiations are slightly different , It's similar in general ;

(c) sever key exchange The role of is server certificate When not carrying enough information , Send to the client to calculate pre-master, Based on DH Certificate , The public key is not contained in the certificate , It needs to be sent separately ;

(d) change cipher spec It can be used to inform the peer to modify the current encrypted communication mode , There is no in-depth analysis of ;

(e) alter message Used to indicate state changes or error messages during handshake or communication , The general alarm information trigger condition is that the connection is closed , Received illegal information , Information decryption failed , User cancels operations, etc , After receiving the alarm message , The communication will be disconnected or the receiver will decide whether to disconnect or not .

Session cache handshake process

To speed up the establishment of a handshake , Reduce the performance degradation and resource consumption caused by the protocol ( The specific analysis is in the following article ),TLS The protocol has two types of session caching mechanisms : Session ID session ID And conversation recording session ticket.

session ID Supported by the server side , Standard fields in the protocol , So basically all servers support , The server saves the session ID And negotiated Communications ,Nginx in 1M Memory can be used to store 4000 individual session ID Machine related information , It takes up more server resources ;

session ticket Need both server and client support , Belongs to an extended field , The scope of support is about 60%( No reliable statistics and sources ), Encrypt the communication information and send it to the client for saving , Only the server knows the key , It takes up very little server resources .

distinguish between , The main reason is that the location and mode of saving negotiation information are different , Similar to http Medium session And cookie.

In the case of both ,(nginx Realization ) priority of use session_ticket.

The handshake process is as follows :

Be careful : Although the handshake process has 1.5 Back and forth , However, the first application data sent by the client to the server does not need to wait for the information returned by the server , So the handshake delay is 1*RTT.

(1). Session ID session ID

(a) If a connection has been established between the client and the server , The server will return after a successful handshake session ID, And save the corresponding communication parameters in the server ;

(b) If the client needs to establish a connection with the server again , It's in client_hello in session ID Carry recorded information in , Send to the server ;

(c) The server receives session ID Retrieve cache records , If there is no retrieval, the arrival cache is expired , Follow the normal handshake process ;

(d) If the corresponding cache record is retrieved , Then return to change_cipher_spec And encrypted_handshake_message Information , The two messages work in a similar way ,encrypted_handshake_message Is to the current communication parameters and master_secret Of hash value ;

(f) If the client can verify that the data is encrypted through the server , The client also sends change_cipher_spec And encrypted_handshake_message Information ;

(g) The server verifies that the data passes through , Then the handshake is established successfully , Start normal encrypted data communication .

(2). Conversation recording session ticket

(a) If a connection has been established between the client and the server , The server will be in new_session_ticket Data carrying encrypted session_ticket Information , Client save ;

(b) If the client needs to establish a connection with the server again , It's in client_hello Extension field in session_ticket With encrypted information , Send it to the server ;

(c) Server decryption sesssion_ticket data , If the decryption fails , Follow the normal handshake process ;

(d) If the decryption is successful , Then return to change_cipher_spec And encrypted_handshake_message Information , Two information functions with session ID It's similar to ;

(f) If the client can verify that the data is encrypted through the server , The client also sends change_cipher_spec And encrypted_handshake_message Information ;

(g) The server verifies that the data passes through , Then the handshake is established successfully , Start normal encrypted data communication .

Rebuild the connection

Rebuild the connection renegotiation Give up what you are using TLS Connect , The process of new identity authentication and key agreement , The feature is that you can re authenticate without disconnecting the current data transmission 、 Update key or algorithm , Therefore, the information stored and cached on the server side can be maintained . Both the client and the server can initiate the process of reconnection , At present windows 2000 & XP And SSL 2.0 I won't support it .

(1). The server reconstructs the connection

Server side reconnection generally occurs when the client accesses protected data . The basic process is as follows :

(a) Between the client and the server, an effective TLS Connect and communicate ;

(b) Client access to protected information ;

(c) Server side return hello_request Information ;

(d) Client received hello_request After the message is sent client_hello Information , Start reconnecting .

(2). The client reconstructs the connection

The client reconstructs the connection in order to update the communication key .

(a) Between the client and the server, an effective TLS Connect and communicate ;

(b) The client needs to update the key , Send out voluntarily client_hello Information ;

(c) Server side received client_hello The information cannot be identified immediately after the information is not application data , So it will be submitted to the next step , After processing, it will return a notification that the information is required to rebuild the connection ;

(d) Before you decide to rebuild the connection , The server does not immediately stop sending data to the client , It may happen at the same time or there may be cached data that needs to be sent to the client , But the client doesn't send any more information to the server ;

(e) After the server recognizes the reconnection request , send out server_hello Information to the client ;

(f) The client also can't immediately determine that the information is not application data , Also submit to the next step for processing , After processing, it will return a notification that the information is required to reestablish the connection ;

(g) The client and server start a new reconnection process .

Key calculation

The last section mentioned two random numbers for plaintext transmission random_C and random_S Exchange between server and client by encryption Pre-master, Three parameters are the basis of key agreement . This section discusses and explains the basic calculation process of key agreement and the use of key in communication process .

(1). Calculation Key

Parameters involved random client and random server, Pre-master, Master secret, key material, When calculating the key , Both the server and the client have this basic information , The method of exchange is described in the previous section , The calculation process is as follows :

(a) Client side adoption RSA or Diffie-Hellman And so on Pre-master;

(b) Pre-master combination random client and random server Two random numbers pass through PseudoRandomFunction(PRF) To calculate the Master secret;

(c) Master secret combination random client and random server Two random numbers are calculated iteratively Key material;

Here are some important records , Can solve part of love in-depth study of friends doubts ,copy The material of , Share with you :

(a) PreMaster secret The first two bytes are TLS Version number of , This is an important version number used to check the handshake data , Because in Client Hello Stage , The client will send a list of encryption packages and the currently supported SSL/TLS The version number of the server , And it's in clear text , If the handshake packet is cracked , An attacker is likely to string packets , Choose a less secure encryption suite and version to the server , To crack the data . therefore , The server needs to decrypt the ciphertext PreMaster The version number is the same as before Client Hello Compare the version number of the stage , If the version number goes down , It means that it has been changed , Stop sending any messages immediately .(copy)

(b) Whether it's a client or a server , We need random numbers , This way, the generated key will not be the same every time . because SSL In the protocol, the certificate is static , Therefore, it is necessary to introduce a random factor to ensure the randomness of the negotiated key .

about RSA Key exchange algorithm ,pre-master-key It's a random number in itself , Plus hello Random in the message , Three random numbers are finally derived from a symmetric key through a key exporter .

pre master The existence of is that SSL The protocol does not trust that each host can generate completely random random numbers , If the random number is not random , that pre master secret It's possible to be guessed , So it only applies to pre master secret It doesn't work as a key , So new random factors must be introduced , So client and server plus pre master secret The key generated by three random numbers is not easy to guess , A pseudo-random may not be random at all , But three pseudo-random is very close to random , Every additional degree of freedom , It's not one that increases randomness .

(2). Key usage

Key after 12 Round iteration will get 12 individual hash value , Group into 6 Elements , The list is as follows :

(a) mac key、encryption key and IV It's a set of encryption elements , Used by client and server respectively , But both sets of elements are captured on both sides at the same time ;

(b) Client side usage client Group elements encrypt data , Server usage client Element decryption ; Server usage server Element encryption ,client Use server Element decryption ;

(c) Two way communication uses different keys in different directions , It takes at least two attempts to crack the communication ;

(d) encryption key For symmetric encryption of data ;

(e) IV It is used as the initialization vector of many encryption algorithms , Specifically, we can study symmetric encryption algorithm ;

(f) Mac key Used for data integrity check ;

(3). Data encryption communication process

(a) Partition the application layer data into appropriate ones block;

(b) Number the slice data , Prevent replay attacks ;

(c) Compress data using a negotiated compression algorithm ;

(d) Calculation MAC Value and compressed data constitute the transmission data ;

(e) Use client encryption key Encrypt data , Send to the server server;

(f) server After receiving the data, use client encrytion key Decrypt , Check the data , Decompress the data , Reassemble .

notes :MAC The calculation of the value consists of two Hash value :client Mac key and Hash ( Number 、 Package type 、 length 、 compressed data ).

Caught analysis

There is no more detailed analysis about bag grabbing , According to the previous analysis , The basic situation can match , According to the usual process of locating problems , I'd like to make some suggestions :

(1). Grab the bag HTTP signal communication , Can clearly see the communication header and information plaintext , however HTTPS It's encrypted communication , Can't see HTTP Clear text information about the header and data of the protocol ,

(2). Grab the bag HTTPS Communication mainly includes three processes :TCP Establishing a connection 、TLS handshake 、TLS Encrypted communication , Main analysis HTTPS Communication handshake establishment and status information .

(3).client_hello

according to version The information can know the highest protocol version number supported by the client , If it is SSL 3.0 or TLS 1.0 Wait for the lower version of the protocol , Pay attention to some cases of handshake failure due to low version ;

according to extension In the field server_name Whether field judgment is supported SNI, Being supports , Otherwise, it doesn't support , Useful for locating a handshake failure or certificate return error ;

Session ID session ID It's part of the standard agreement , If no connection has been established, the corresponding value is empty , If it is not empty, the corresponding connection has been established and cached before ;

Conversation recording session ticke t It's part of the extended protocol , The presence of this field indicates that the protocol supports sesssion ticket, Otherwise, it doesn't support , The value is null , Indicates that the connection has not been established and cached before , Exists and the value is not empty , Indicates that there is a cache connection .

(4).server_hello

according to TLS version Field to infer the maximum version of the protocol supported by the server , Different versions may cause handshake failure ;

be based on cipher_suite Information determines which encryption protocol the server supports first ;

(5).ceritficate

Certificate chain configured and returned by the server , According to the certificate information and compare with the server configuration file , Judge whether the request is consistent with the expectation , If it's not consistent , Whether to return the default certificate of .

(6).alert

The alarm information alert It will explain the reason why the connection failed, i.e. the alarm type , It's very important for positioning .

5、 ... and 、HTTPS Performance and optimization

HTTPS Performance loss

As discussed above HTTPS Principles and advantages : Authentication 、 Information encryption and integrity verification, etc , And it's not right TCP and HTTP Any modification of the agreement . But by adding new protocols to achieve more secure communication, it is necessary to pay a price ,HTTPS The performance loss of the protocol is mainly reflected as follows :

(1). Increase the delay

Analyze the previous handshake process , A complete handshake requires at least two back and forth communications between the two ends , At least increase the delay 2* RTT, Use session caching to reuse connections , The delay is at least 1* RTT*.

(2). More expensive CPU resources

In addition to data transmission ,HTTPS Communication mainly includes symmetric encryption and decryption 、 Asymmetric encryption and decryption ( The server mainly uses private key to decrypt data ); Pressure measurement TS8 The single core of the model CPU: Symmetric encryption algorithm AES-CBC-256 throughput 600Mbps, Asymmetric RSA Private key decryption 200 Time /s. Regardless of other software level overhead ,10G The network card needs consumption for symmetric encryption CPU about 17 nucleus ,24 nucleus CPU At most HTTPS Connect 4800;

Static nodes are currently 10G NIC TS8 Model HTTP The single access capability is about 10w/s, If you take all of them HTTP The connection becomes HTTPS Connect , Obviously RSA The decryption of the first to become a bottleneck . therefore ,RSA The ability of decryption is the current problem HTTPS The main problem of access .

HTTPS Optimization plan

(1).CDN Access

HTTPS The increased delay is mainly the transmission delay RTT,RTT The characteristic is that the closer the node is, the smaller the delay ,CDN Naturally closest to the user , So choose to use CDN As HTTPS Access to , Will be able to greatly reduce access delay .CDN The node maintains a long connection with the business server 、 Session multiplexing and link quality optimization and other controllable methods , Greatly reduce HTTPS The delay .

(2). Session cache

Although I mentioned before HTTPS Even with session caching, at least 1*RTT Time delay of , But at least the delay has been reduced by half , Obvious delay optimization ; meanwhile , Based on session cache HTTPS The connection does not need to be used by the server RSA Private key decryption get Pre-master Information , It can be omitted. CPU Consumption of . If the business access connection is centralized , High cache hit rate , be HTTPS The access capacity of is obviously improved . At present TRP The peak period of cache hit rate of the platform is greater than 30%,10k/s The access resources of can actually carry 13k/ Access to , The results are quite impressive .

(3). Hardware acceleration

Install dedicated... For access server SSL Hardware accelerators , Works in a similar way GPU, Release CPU, Can have a higher HTTPS Access capability without affecting business process . Test that a hardware accelerator card can provide 35k The ability to decrypt , amount to 175 nucleus CPU, At least equivalent to 7 platform 24 Core servers , Considering the cost of accessing other programs of the server , A hardware card can achieve close 10 The access capacity of servers .

(4). Remote decryption

Local access consumes too much CPU resources , Waste of network card and hard disk and other resources , Consider that it will cost the most CPU Resources RSA Decryption calculation task transferred to other servers , In this way, we can give full play to the access ability of the server , Make full use of bandwidth and network card resources . Remote decryption server can choose CPU A machine with a lower load acts as , Realize the reuse of machine resources , It can also be a specially optimized server with high computing performance . At present, too CDN Used on a large scale HTTPS One of the solutions for access .

Secure hypertext transfer protocol (HTTPS) More related articles in detail

  1. Hypertext transfer protocol http Detailed explanation

    HTTP Is an object-oriented protocol belonging to the application layer , Because of its simplicity . Fast way , Suitable for distributed hypermedia information system . It's on 1990 in , After several years of use and development , To be continuously perfected and expanded . Currently in WWW Is used in HTTP/1.0 Of the ...

  2. TCP( Control transmission protocol ) Detailed explanation

    1. Transport layer Overview stay OSI In the reference model , Network layer is the top layer of communication oriented, but it is also the bottom layer of user oriented program . The main function of the transport layer : Reuse : At the sending end , Multiple applications share a common transport layer : Divide up : At the receiving end , The transport layer receives from the network layer ...

  3. [ Re posting ] Technical literacy : The new generation is based on UDP Low latency network transport layer protocol ——QUIC Detailed explanation

    Technical literacy : The new generation is based on UDP Low latency network transport layer protocol ——QUIC Detailed explanation    http://www.52im.net/thread-1309-1-1.html   This article is from the technology sharing of Luo Cheng, senior R & D Engineer of Tencent , ...

  4. HTTP and HTTPS agreement , Detailed explanation

    The outline One . Preface : Let's look at these two pictures first , The first one to visit the domain name http://www.12306.cn, Google browser prompts unsafe Links , The second picture is https://kyfw.12306.cn/otn/regist/init, ...

  5. HTTPS---- Secure hypertext transfer protocol

    HTTPS protocol HTTPS Research and development for the purpose of confidentiality , To put it simply HTTP Security version . Its security base is SSL agreement , So for the details of encryption, please see SSL. Full name Hypertext Transfer Protocol over Se ...

  6. HTTP and HTTPS Detailed explanation

    http://blog.csdn.net/mingli198611/article/details/8055261/ from :http://www.cnblogs.com/ok-lanyan/archi ...

  7. 【RL-TCPnet Online tutorial 】 The first 41 Chapter HTTP Hypertext Transfer Protocol Basics

    The first 41 Chapter       HTTP Hypertext Transfer Protocol Basics This chapter will explain HTTP(HyperText Transfer Protocol, Hypertext transfer protocol ), Start with this chapter , It's officially embedded Web The design and learning of . ...

  8. HTTP Detailed explanation of the agreement diagram

    One . Concept Protocol refers to the regulations or rules that two computers must abide by when communicating with each other in the computer communication network , Hypertext transfer protocol (HTTP) Is a communication protocol , It allows hypertext markup language (HTML) Document from Web Browser delivered by server to client . ...

  9. ( turn )Http Protocol classic details

    from :http://blog.csdn.net/gueter/archive/2007/03/08/1524447.aspx Author :Jeffrey introduction HTTP It's an object-oriented application layer ...

Random recommendation

  1. HTML and CSS Classic layout 4

    Here's the picture : demand : 1. Pictured 2. It can be downloaded from body Tags start . <!DOCTYPE html> <html xmlns="http://www.w3.org/1999/xht ...

  2. PHP Problem with the SSL CA cert (path? access rights?)

    1.php Use curl Module error There's a problem with development , Using the system directly curl The command is normal , Use php Of curl Module error error :PHP Problem with the SSL CA cert (path? a ...

  3. JavaScriptOO.com – Quickly find what you need JS frame

    JavaScriptOO.com A collection of the present Web Most commonly used in development 422( Up to now ) paragraph JavaScript frame , You can sort it by function (Ajax, Animation , Chart , Games etc. ) Filtering and sorting , Quickly find what you need ...

  4. Introduce NSURLSession Network request Suite

    I translated an article yesterday <NSURLSession Use > The article , Address :http://www.cnblogs.com/JackieHoo/p/4995733.html, The original is from Apple's official introduction NSUR ...

  5. CSS in padding and margin And usage

    CSS in padding And margin 1.padding: padding , Represents the distance of the control content from the edge . 2.margin: Margin , Represents the edge of the control relative to the edge of the parent space . Reference resources :http://www.studyof ...

  6. Linux Lower installation jmeter

    One . use Xftp Upload apache-jmeter-2.13.tgz To Linux In the system Two . decompression apache-jmeter-2.13.tgz,tar xzfv apache-jmeter-2.13.tgz ...

  7. Study React series ( 5、 ... and )—— Optimize performance

    There are two ways to improve performance : One . Configuration level Two . The code level This article only considers from the code level : One . Avoid duplicate rendering Here's a word : When shouldComponentUpdate return false It doesn't trigger when it's on render The function is just ...

  8. ORACLE Database interview questions

    1. Explain the differences between cold and hot backup and their advantages answer : Hot backup database for archive mode , Backup while the database is still working . Cold backup means after the database is shut down , Make a backup , Database for all patterns . The advantage of hot backup is that when backup ...

  9. Linux NFS How to install and configure the server ( Graphic, )

    This article mainly introduces Linux NFS How to install and configure the server ( Graphic, ), Friends in need can refer to (http://xb.xcjl0834.com) One .NFS Service profile NFS yes Network File S ...

  10. Three.js Learning notes 05

    Scene related functions and attributes The following code applies to all the above functions and properties : <!DOCTYPE html> <html lang="en"> <head> ...